<?php

class Auth extends MY_Controller {

	public function __construct() {
		parent::__construct();
		$this->set_layout('backend/simple_layout');
	}

	public function index() {
		$user_id = intval($this->session->userdata('g_user_id'));
		if ($user_id > 0) {
			$this->load->helper('url');
			redirect('/common/index');
		}

		$this->set_js('SITE_URL', '\'' . SITE_URL . '\'');
		$this->set_title('内容管理系统——登录框');
		$this->load_js(array('jquery.min', 'jquery.tmpl.min', 'lib', 'auth_index'));
		$this->load_css(array('global', 'lib', 'auth_index'));
		$this->rend('auth_index');
	}

	public function login() {
		$code = strtolower(trim($this->input->post('code')));
		$rand_code = strtolower($this->session->userdata('rand_code'));

		if ($code != $rand_code) {
			$this->json_back('XT002', '验证码错误');
		}

		$username = trim($this->input->post('username'));
		$conditions = array(
			array('where', 'username', $username)
		);

		$this->load->model('user_model');

		if (!($user = $this->user_model->find($conditions))) {
			$this->json_back('XT002', '用户名不存在');
		}

		$this->load->model('wrong_times_model');
		$conditions = array(
			array('where', 'user', $user->id),
			array('where', 'created_at >', strtotime(date('today')))
		);

		$wrong_times = $this->wrong_times_model->total($conditions);

		if ($wrong_times >= 5) {
			$this->json_back('XT002', '您已超过今天5次尝试密码次数，明天再试。');
		}

		if ($user->is_freezed == 1) {
			$this->json_back('XT002', '您的帐号已被冻结，请联系管理员。');
		}

		$password = $this->input->post('password');
		if ($user->password !== md5($password)) {
			$this->wrong_times_model->insert(array('user' => $user->id));

			$this->json_back('XT002', '密码错误,您还有' . (4 - $wrong_times) . '次尝试机会');
		}

		$this->session->set_userdata(array(
			'g_user_id' => $user->id,
			'g_user_username' => $user->username,
			'g_user_sex' => $user->sex,
			'g_user_email' => $user->email,
			'g_user_permission_group' => $user->permission_group
		));

		$this->wrong_times_model->delete(array(array('where', 'user', $user->id)));

		$this->json_back('XT001');
	}

	public function logout() {
		$this->session->sess_destroy();
		$this->load->view('backend/auth_logout');
	}

	public function login_error() {
		$this->load->view('backend/auth_login_error');
	}

	public function permission_error() {
		$this->load->view('backend/auth_permission_error');
	}

	public function code() {
		header('Content-type: image/png');
		$width = 80;
		$height = 40;
		$letter_number = 4;
		$x_step = $width / $letter_number;
		$base_letters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
		$font_path = FCPATH . '/assets/font/times.ttf';

		$image = imagecreatetruecolor($width, $height);
		$background_color = imagecolorallocate($image, 255, 255, 255);
		imagefill($image, 0, 0, $background_color);
		$text_color = imagecolorallocate($image, 0, 0, 0);

		for ($j = 0; $j < 40; $j++) {
			$rand = rand(100, 255);
			$rand_color = imagecolorallocate($image, $rand, $rand, $rand);
			imagefilledellipse($image, rand(0, $width), rand(0, $height), rand(2, 5), rand(2, 5), $rand_color);
		}

		$letters = array();
		for ($i = 0; $i < $letter_number; $i++) {
			$letters[] = $base_letters{rand(0, 25)};
			imagettftext($image, 16, 10, rand($i * $x_step + 2, ($i + 1) * $x_step - 15), rand(20, 30), $text_color, $font_path, $letters[$i]);
		}

		imagepng($image);
		imagedestroy($image);

		$this->session->set_userdata('rand_code', implode('', $letters));

		exit();
	}

	public function send_password() {
		$username = trim($this->input->post('username'));
		$email = trim($this->input->post('email'));

		if (empty($username)) {
			$this->json_back('XT002', '请填写帐号');
		}

		if (empty($email)) {
			$this->json_back('XT002', '请填写邮箱');
		}

		if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
			$this->json_back('XT002', '邮箱格式错误');
		}

		$conditions = array(
			array('where', 'username', $username),
			array('where', 'email', $email)
		);

		$this->load->model('user_model');

		if (!($user = $this->user_model->find($conditions))) {
			$this->json_back('XT002', '帐号或邮箱不存在');
		}

		$data = array(
			'password' => substr(md5(date('YmdHis') . rand(1000, 9999)), 0, 8)
		);

		$this->user_model->update($user->id, $data);

		$to = array($user->email);
		$subject = 'ALSA官方网站内容管理系统 | 重置密码';
		$content = "您的系统密码已经重置为: {$data['password']}，请及时登录修改密码。";
		set_time_limit(60);

		$config = array(
			'host' => 'smtp.exmail.qq.com',
			'port' => 25,
			'trueemail' => 'service@diantao.cn',
			'username' => 'service@diantao.cn',
			'password' => '12345a',
			'from' => 'service@diantao.cn',
			'debug' => false
		);

		$this->load->library('smtp', $config);

		$this->smtp->send($to, $subject, $content);
	}

}